Gregory Sloop wrote:
> Would you mind showing me how you got there?
I like https://dnsviz.net/ and https://zonemaster.net/ - dnsviz is better
at showing DNSSEC issues, and zonemaster has a bigger collection of
general DNS checks, so it's worth using them both.
Tony.
--
f.anthony.n.finchhtt
dig +trace +all and it stood out.
> On 3 Mar 2021, at 13:20, Gregory Sloop wrote:
>
> Would you mind showing me how you got there?
> [The answer is fab, obviously. But give a man a fish...and all that. :) ]
>
> -Greg
>
>
>
> MA> The COM servers have stale glue
>
> MA> srvns.pacifier.com.
Let me take a swing at it. If I'm wrong, someone correct me.
1) dig the name servers for the 1st level domain. (In this case, it's a .com.)
# dig +short com. NS
c.gtld-servers.net.
f.gtld-servers.net.
j.gtld-servers.net.
l.gtld-servers.net.
k.gtld-servers.net.
d.gtld-servers.net.
g.gtld-servers.ne
Would you mind showing me how you got there?
[The answer is fab, obviously. But give a man a fish...and all that. :) ]
-Greg
MA> The COM servers have stale glue
MA> srvns.pacifier.com. 172800 IN A 216.65.128.5
MA> webns.pacifier.com. 172800 IN A 216.65.128.1
M
The COM servers have stale glue
srvns.pacifier.com. 172800 IN A 216.65.128.5
webns.pacifier.com. 172800 IN A 216.65.128.1
vs
srvns.pacifier.com. 86400 IN A 64.255.237.241
webns.pacifier.com. 86400 IN A 64.255.237.240
The later se
I've got a case, (and I see several other similar reports) where BIND is
failing to find an A record for a domain.
Yet a dig +trace does.
(I'm doing the dig on the BIND server. It's set to be a root resolving server,
not a forwarder.)
As I understand this, +trace will also involve resolve.conf
6 matches
Mail list logo
